1. Field of the Invention
The invention is related to the field of communications, and in particular, to establishing and using a secure control interface between a service provider and an access provider interface at a customer premise.
2. Description of the Prior Art
A communication service provider provides communications services to customers. For example, Sprint Corporation provides telephony and Internet services to many businesses. The 3rd party communications network between the service provider and the customer are referred to as access or the access provider. Sometimes, the service provider also provides the access for the communication services, and thus, the service provider is also the access provider. For example, Sprint Corporation may provide wireless access between the customer and Sprint's service systems that provide the Internet and telephony services. Other times, the service provider does not provide the access, and instead, a separate access provider provides the access between the customer and the service provider. For example, a cable television company may provide the access between customers and Sprint, where Sprint provides the customer with Internet and telephony services over the access provided by the cable television company. This situation appears to be expanding as a growing number of companies are providing access and a growing number of other companies are providing communication services.
In the past, the access was typically provided over Time Division Multiplex (TDM) connections. In a situation where one company provided TDM access and a separate company provided services to the customer over the TDM access, the service provider was given the ability to perform loopback tests over the TDM connection. For example, the service provider would send a control signal over the TDM connection to the access provider customer interface at the customer premise, and the access provider customer interface would loopback the TDM communication path back to the service provider for testing and troubleshooting purposes.
TDM connections physically separate customer traffic by time slots. Thus, the traffic of one customer is isolated from the traffic of other customers. Given the isolation of a TDM connection, a hacker could not view or modify the traffic in another customer's time slot. Loopbacks cannot be triggered by a hacker. Thus, TDM access connections provide inherent security benefits.
At present, the access is increasingly provided over packet connections, such as Internet Protocol (IP) or Ethernet links. These packet access connections do not have the same inherent security benefits of TDM access connections. In particular, packet systems do not effectively isolate the traffic of various customers. Thus, a hacker that poses as a customer could cause serious problems to other customers if they can access troubleshooting and testing functions, such as loopback functionality. Unfortunately, this security problem prevents the service provider from performing effective testing and control of a packet access connection that is provided by a separate access provider.